As traffic figures suggest that Internet access from Iran has been radically …

Share this story

Even at the best of times, Internet traffic in Iran is subject to extensive filtering. But in the wake of the disputed election and the civil unrest that has followed, the government appears to have taken more aggressive steps to police online communications. Nevertheless, news and images continue to make their way out of Iran, and a limited amount of organization by groups within the country appears to be continuing despite both online and real-world crackdowns. This can be ascribed in part to a number of volunteer efforts to provide Iranian citizens with secure ways of accessing the 'Net through secure proxies.

According to the OpenNet Initiative, Iran is ranked up with places like China and Burma as having pervasive filtering of online content. The ONI completed a report on the nation immediately before the election that suggested the country was following a trajectory similar to China's. Internet use is booming, having grown roughly 25-fold in this decade alone. The government had initially relied on off-the-shelf software to block sites deemed offensive for political or cultural reasons, but has developed an expertise and sophistication that matches the growth in the number of users it must police.

As a whole, the nation has started relying on Internet access for business and government services, which means that it can't realistically pull the plug on all services (a route apparently taken by Myanmar during recent protests there). Private households, however, have been subject to bandwidth caps that would make using video a painful experience, and all traffic must be routed through the state-owned Telecommunication Company of Iran, where filtering takes place.

On Saturday, June 12, the day after the election, TCI simply pulled the plug. Arbor Networks, which aggregates data from a number of global ISPs, saw traffic plunge radically, and then perform an erratic partial recovery. Although it's impossible to tell precisely what's going on, increased use of deep packet inspection hardware could account for the slow return of traffic.

What does appear to be increasing is the use of proxy servers by Iranian citizens, who can use them to obscure both the site that's being visited and the content being obtained from it. A blog at the Tor project, which develops the software needed to maintain an anonymizing chain of encrypted proxy servers, has seen several indications of an upsurge in use by Iranian citizens. The Electronic Frontier Foundation is suggesting that anyone interested in helping out the Iranians consider running a Tor Bridge, which will allow the user to help forward Tor traffic without having their computer's IP address show up in any public list, which could expose them to blacklisting by Iranian authorities.

But Tor isn't the only game in town when it comes to proxies. The Web proxy Squid will apparently work, and instructions for its use, along with a secure configuration file are also available. Other volunteers have created an ISO for use with VMWare and a VirtualBox VM file, either of which will boot into a Debian environment that runs Squid and Tor services by default.

Even a commercial service, IP Rental, that provides anonymized access to a temporary IP address chosen from a large pool, is chipping in. Although it provides commercial services, anyone from Iran can apparently request a free account. Of course, they presumably need encrypted access in order to safely exchange those emails in the fist place.

The main thing to emphasize is that anyone volunteering has the potential to do more harm than good. Improperly configuring any of these services can result in IP addresses that are visible and subject to blocking by Iranian authorities, or transmission of data in plain text. They also hold the potential of running you up against your ISP's usage caps, and may ultimately make your machine the target of hacking attempts by those loyal to the current Iranian government. It's essential that anyone considering helping the citizens of that nation out understand the risks and have sufficient technical competence to ensure that everything is configured properly.